Diffstat (limited to 'rpkid/left-right-schema.rnc')
-rw-r--r-- | rpkid/left-right-schema.rnc | 208 |
1 files changed, 208 insertions, 0 deletions
diff --git a/rpkid/left-right-schema.rnc b/rpkid/left-right-schema.rnc
new file mode 100644
index 00000000..44ae964f
--- /dev/null
+++ b/rpkid/left-right-schema.rnc
@@ -0,0 +1,208 @@
+# $Id$
+#
+# RelaxNG (Compact Syntax) Schema for RPKI left-right protocol.
+#
+# libxml2 (including xmllint) only groks the XML syntax of RelaxNG, so
+# run the compact syntax through trang to get XML syntax.
+
+default namespace = "http://www.hactrn.net/uris/rpki/left-right-spec/"
+
+# Top level PDU
+
+start = element msg {
+ attribute version { xsd:positiveInteger { maxInclusive="1" } },
+ ( self_elt | bsc_elt | parent_elt | child_elt | repository_elt | ro_elt |
+ list_resources_elt | report_error_elt )*
+}
+
+# Tag attributes for bulk operations
+tag = attribute tag { xsd:token {maxLength="1024" } }?
+
+# Combinations of action and type attributes used in later definitions.
+# The same patterns repeat in most of the elements in this protocol.
+
+ctl_cq = attribute action { "create" }, attribute type { "query" }, tag
+ctl_sq = attribute action { "set" }, attribute type { "query" }, tag
+ctl_gq = attribute action { "get" }, attribute type { "query" }, tag
+ctl_lq = attribute action { "list" }, attribute type { "query" }, tag
+ctl_dq = attribute action { "destroy" }, attribute type { "query" }, tag
+ctl_cr = attribute action { "create" }, attribute type { "reply" }, tag
+ctl_sr = attribute action { "set" }, attribute type { "reply" }, tag
+ctl_gr = attribute action { "get" }, attribute type { "reply" }, tag
+ctl_lr = attribute action { "list" }, attribute type { "reply" }, tag
+ctl_dr = attribute action { "destroy" }, attribute type { "reply" }, tag
+
+# Base64 encoded DER stuff
+base64 = xsd:base64Binary { maxLength="512000" }
+
+# How we wrap trust anchor elements
+cms_ta = element cms_ta { base64 }
+https_ta = element https_ta { base64 }
+
+# Base definition for all fields that are really just SQL primary indices
+sql_id = xsd:token { maxLength="1024" }
+
+# <self/> element
+
+self_bool = (attribute rekey { "yes" }?,
+ attribute reissue { "yes" }?,
+ attribute revoke { "yes" }?,
+ attribute run_now { "yes" }?,
+ attribute publish_world_now { "yes" }?,
+ attribute clear_extension_preferences { "yes" }?)
+
+self_payload = (attribute use_hsm { "yes" | "no" }?,
+ attribute crl_interval { xsd:token { maxLength="1024" } }?,
+ element extension_preference {
+ attribute name { xsd:token { maxLength="1024" } },
+ xsd:string { maxLength="512000" }
+ }*)
+
+self_id = attribute self_id { sql_id }
+
+self_elt |= element self { ctl_cq, self_bool, self_payload }
+self_elt |= element self { ctl_cr, self_id }
+self_elt |= element self { ctl_sq, self_id, self_bool, self_payload }
+self_elt |= element self { ctl_sr, self_id }
+self_elt |= element self { ctl_gq, self_id }
+self_elt |= element self { ctl_gr, self_id, self_payload }
+self_elt |= element self { ctl_lq }
+self_elt |= element self { ctl_lr, self_id, self_payload }
+self_elt |= element self { ctl_dq, self_id }
+self_elt |= element self { ctl_dr, self_id }
+
+# <bsc/> element. Key parameters hardwired for now.
+
+bsc_bool = ((attribute generate_keypair { "yes" },
+ attribute key_type { "rsa" }?,
+ attribute hash_alg { "sha256" }?,
+ attribute key_length { "2048" }?)?,
+ attribute clear_signing_certs { "yes" }?)
+
+bsc_id = attribute bsc_id { sql_id }
+
+bsc_payload = (element signing_cert { base64 }*,
+ element public_key { base64 }?)
+
+bsc_pkcs10 = element pkcs10_cert_request { base64 }?
+
+bsc_elt |= element bsc { ctl_cq, self_id, bsc_bool, bsc_payload }
+bsc_elt |= element bsc { ctl_cr, self_id, bsc_id, bsc_pkcs10 }
+bsc_elt |= element bsc { ctl_sq, self_id, bsc_id, bsc_bool, bsc_payload }
+bsc_elt |= element bsc { ctl_sr, self_id, bsc_id, bsc_pkcs10 }
+bsc_elt |= element bsc { ctl_gq, self_id, bsc_id }
+bsc_elt |= element bsc { ctl_gr, self_id, bsc_id, bsc_payload }
+bsc_elt |= element bsc { ctl_lq, self_id }
+bsc_elt |= element bsc { ctl_lr, self_id, bsc_id, bsc_payload }
+bsc_elt |= element bsc { ctl_dq, self_id, bsc_id }
+bsc_elt |= element bsc { ctl_dr, self_id, bsc_id }
+
+# <parent/> element
+
+parent_id = attribute parent_id { sql_id }
+
+parent_bool = (attribute rekey { "yes" }?,
+ attribute reissue { "yes" }?,
+ attribute revoke { "yes" }?)
+
+parent_payload = (attribute peer_contact_uri { xsd:anyURI { maxLength="1024" } }?,
+ attribute sia_base { xsd:anyURI { maxLength="1024" } }?,
+ attribute bsc_id { xsd:token { maxLength="1024" } }?,
+ attribute repository_id { xsd:token { maxLength="1024" } }?,
+ attribute sender_name { xsd:token { maxLength="1024" } }?,
+ attribute recipient_name { xsd:token { maxLength="1024" } }?,
+ cms_ta?,
+ https_ta?)
+
+parent_elt |= element parent { ctl_cq, self_id, parent_bool, parent_payload }
+parent_elt |= element parent { ctl_cr, self_id, parent_id }
+parent_elt |= element parent { ctl_sq, self_id, parent_id, parent_bool, parent_payload }
+parent_elt |= element parent { ctl_sr, self_id, parent_id }
+parent_elt |= element parent { ctl_gq, self_id, parent_id }
+parent_elt |= element parent { ctl_gr, self_id, parent_id, parent_payload }
+parent_elt |= element parent { ctl_lq, self_id }
+parent_elt |= element parent { ctl_lr, self_id, parent_id, parent_payload }
+parent_elt |= element parent { ctl_dq, self_id, parent_id }
+parent_elt |= element parent { ctl_dr, self_id, parent_id }
+
+# <child/> element
+
+child_id = attribute child_id { sql_id }
+
+child_bool = attribute reissue { "yes" }?
+
+child_payload = (attribute bsc_id { xsd:token { maxLength="1024" } }?,
+ cms_ta?)
+
+child_elt |= element child { ctl_cq, self_id, child_bool, child_payload }
+child_elt |= element child { ctl_cr, self_id, child_id }
+child_elt |= element child { ctl_sq, self_id, child_id, child_bool, child_payload }
+child_elt |= element child { ctl_sr, self_id, child_id }
+child_elt |= element child { ctl_gq, self_id, child_id }
+child_elt |= element child { ctl_gr, self_id, child_id, child_payload }
+child_elt |= element child { ctl_lq, self_id }
+child_elt |= element child { ctl_lr, self_id, child_id, child_payload }
+child_elt |= element child { ctl_dq, self_id, child_id }
+child_elt |= element child { ctl_dr, self_id, child_id }
+
+# <repository/> element
+
+repository_id = attribute repository_id { sql_id }
+
+repository_payload = (attribute peer_contact_uri { xsd:anyURI { maxLength="1024" } }?,
+ attribute bsc_id { xsd:token { maxLength="1024" } }?,
+ cms_ta?,
+ https_ta?)
+
+repository_elt |= element repository { ctl_cq, self_id, repository_payload }
+repository_elt |= element repository { ctl_cr, self_id, repository_id }
+repository_elt |= element repository { ctl_sq, self_id, repository_id, repository_payload }
+repository_elt |= element repository { ctl_sr, self_id, repository_id }
+repository_elt |= element repository { ctl_gq, self_id, repository_id }
+repository_elt |= element repository { ctl_gr, self_id, repository_id, repository_payload }
+repository_elt |= element repository { ctl_lq, self_id }
+repository_elt |= element repository { ctl_lr, self_id, repository_id, repository_payload }
+repository_elt |= element repository { ctl_dq, self_id, repository_id }
+repository_elt |= element repository { ctl_dr, self_id, repository_id }
+
+# <route_origin/> element
+
+ro_id = attribute route_origin_id { sql_id }
+
+ro_bool = attribute suppress_publication { "yes" }?
+
+ro_payload = (attribute as_number { xsd:token { maxLength="1024" } }?,
+ attribute ipv4 { xsd:token { maxLength="1024" } }?,
+ attribute ipv6 { xsd:token { maxLength="1024" } }?)
+
+ro_elt |= element route_origin { ctl_cq, self_id, ro_bool, ro_payload }
+ro_elt |= element route_origin { ctl_cr, self_id, ro_id }
+ro_elt |= element route_origin { ctl_sq, self_id, ro_id, ro_bool, ro_payload }
+ro_elt |= element route_origin { ctl_sr, self_id, ro_id }
+ro_elt |= element route_origin { ctl_gq, self_id, ro_id }
+ro_elt |= element route_origin { ctl_gr, self_id, ro_id, ro_payload }
+ro_elt |= element route_origin { ctl_lq, self_id }
+ro_elt |= element route_origin { ctl_lr, self_id, ro_id, ro_payload }
+ro_elt |= element route_origin { ctl_dq, self_id, ro_id }
+ro_elt |= element route_origin { ctl_dr, self_id, ro_id }
+
+# <list_resources/> element
+
+list_resources_elt = element list_resources {
+ ( attribute type { "query" }, tag, self_id, child_id ) |
+ ( attribute type { "reply" }, tag, self_id, child_id,
+ attribute valid_until { xsd:token { maxLength="1024" } },
+ attribute subject_name { xsd:token { maxLength="1024" } }?,
+ attribute as { xsd:token { maxLength="1024" } }?,
+ attribute ipv4 { xsd:token { maxLength="1024" } }?,
+ attribute ipv6 { xsd:token { maxLength="1024" } }?
+ )
+}
+
+# <report_error/> element
+
+report_error_elt = element report_error {
+ tag, self_id,
+ attribute error_code { xsd:token { maxLength="1024" } },
+ xsd:string { maxLength="512000" }?
+} |
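Review bot: `sql_id` is declared as `xsd:token { maxLength="1024" }`, so every `*_id` attribute that the comment calls an SQL primary index accepts arbitrary text up to 1024 characters. If these are integer keys (not visible here), `sql_id = xsd:nonNegativeInteger` would let schema validation reject anything else before the value reaches the database layer. The optional `bsc_id` and `repository_id` attributes in `parent_payload`, `child_payload` and `repository_payload` spell out the token type again instead of referencing the shared pattern, so a later tightening of `sql_id` would miss them; `attribute bsc_id { sql_id }?` and `attribute repository_id { sql_id }?` keep them in step. The resource and time fields (`as_number`, `as`, `ipv4`, `ipv6`, `valid_until`, `crl_interval`) are also only length-limited, so their syntax has to be checked by whatever consumes the message; a comment above `ro_payload` such as `# Resource syntax is not constrained here; the receiver must parse and validate it` would make that explicit.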